
Privacy Impact Assessment: (Insert Project Name) : Date

The document provides guidance for conducting a Privacy Impact Assessment (PIA) for a project within a department or corporation. It outlines the necessary documentation, reviews, policies, forms, and stakeholders that should be identified when performing a PIA. It also provides templates for documenting the project description, data flow, privacy risks, and mitigation strategies. The goal of the PIA is to ensure compliance with privacy legislation and assess any risks to personal information from the project.

Uploaded by

Jenny Benedicto

Privacy Impact Assessment: [Insert Project Name]
Date:

Document Control and Reviews

Document Control
Date | Author | Version | Change Reference

/conversion/tmp/activity_task_scratch/568750998.docx Page 1 of 18
Department
PIA 2019-XX-xx DATE, 2019

Date | Author | Version | Change Reference

Reviews
Date | File Name / Version # | Reviewed by

Note: It is recommended you send your PIA to the department’s Privacy Officer for review.

1.1 Policies, Forms and Reports (PIA Manual reference: 5.1 Collecting information and supporting
documentation)
Prior to conducting a PIA, identifying other individuals who have knowledge of the initiative, the business
area and processes is critical. A PIA also requires the expertise of others such as information technology
and security analysts, and your ATIPP staff to ensure that the assessment is accurate and comprehensive.

Completing a PIA requires a lot of information, so before you begin writing be sure to gather as much
information and supporting documentation as possible such as:
• Project charters;
• Business requirements;
• Forms used by the program to collect PI;
• Other applicable legislation (beyond ATIPP and HIPMA) that may be relevant;
• Operational procedures and business process documentation;
• User, administrative and/or technical manuals from vendors;
• Agreements – e.g. Services, System Access, Information Sharing, Acceptable Use;
• System documentation such as network and system architecture diagrams, data models, technical and security requirements, and system configuration;
• Policies and Procedures; and
• Previously conducted related PIAs.

Parties Involved | Role

Policy Name | Hyperlink or Appendix number

Document Name | Hyperlink or Appendix number


Form Name | Hyperlink or Appendix number

Report Name | Purpose of Report | Audit Logs on Report (Y/N)

1 GENERAL
Department/Corporation:
PIA Drafter:
Program Manager:

In the following questions, delete the descriptive text and replace it with your own.

1.1 Project Overview (PIA manual reference: 5.2 Documenting the project)
1.1.1 Description of the Project (PIA manual reference: 5.2.1 Description of the project)
This section of the PIA should provide a general description of the project and the context in which it functions.
Depending on the complexity of the initiative, this may be quite lengthy and may include a Background, Current
State and Future State description. For smaller initiatives, a few paragraphs may suffice. Whatever the case, you
want to make the reader understand why the initiative is being done.

1.1.2 Scope of PIA (PIA manual reference: 5.2.2 Project scope)


Identifying the project scope for a PIA involves documenting the specific goals, deliverables, features, functions,
and deadlines. For example: The project scope includes the installation of Software A in the XX department for use
by 2 authorized staff to conduct specialized patient testing for a 3 month pilot project commencing on Jan 1, 2018
and ending on Mar 31, 2018. This information can often be found in a Briefing Note or Project Charter for larger
projects. In some cases, identifying what is out of scope can add clarity to what precisely is in scope.

1.1.3 Parties Involved (PIA manual reference: 5.2.3 Parties involved)


All parties that may collect, use, or disclose information involved in the initiative being assessed must be identified,
along with the justification (purpose) and legal authority for doing so. Parties may include a vendor that may
access and/or use personal information to provide support, patients that provide their information, and staff of the
department/organization that collect and use the information. Business areas involved in the project should be
noted in the PIA by identifying job functions and the legal authority under which they participate.


Stakeholder | Function | List Applicable Legislation

1.1.4 Objectives and Benefits (PIA manual reference: 5.2.4 Objective and benefits)
State the project’s objective succinctly, as well as the anticipated benefits to the organization (i.e. time and cost
efficiencies, etc.). Again, for larger projects this information is often available in existing Project Charters,
Briefing Notes and other project documents.

1.1.5 Description of Personal Information Collected (PIA manual reference: 5.3.1 Types of data
(field level or clusters))
In the Excel file below, complete Tab 2: Categories of PI.

Personal Information Map.xls

2 DATA FLOW MAPPING AND TABLES

2.1 Personal Information Flow Diagram and Table (PIA manual reference: 5.3.3 Data
flow mapping)
Please provide a flow diagram that shows how your initiative will collect, use, and/or disclose personal
information and complete the table below. For an example of a completed data flow, see section 5.3.3 in
the PIA Manual.

NOTE: You need only cite the categories of PI identified when you completed the Excel file in question 1.1.6.

INFORMATION FLOW | DESCRIPTION (Who is it from, who is it going to, who will use it, etc.) | INFORMATION CATEGORY | PURPOSE | LEGAL AUTHORITY (cite specific sections of appropriate legislations) | CUSTODY OR CONTROL (Who is accountable for the information?)
1 | PI is collected indirectly/directly from X by X | Identification and Contact Information, Education Information | | |
2 | PI is used by X | | | |
3 | PI is used by X | | | |
4 | PI is disclosed by X to X | | | |


3 PRIVACY ANALYSIS

The following analysis informs the risk summary and mitigation plan of the PIA.
Risks identified in the following sections (3.1-3.10) feed directly into the Risk and
Mitigation table in section 4.1.

3.1 Accountability (PIA manual reference: 5.5.1 Accountability)


Objective: To ensure a program and public body or custodian designates an individual(s) who is
responsible to ensure compliance with privacy legislation. For more detailed information, see section 5.5.1
in the PIA Manual.

Relevant sections of legislation and policy: HIPMA General Regulations s. 16; GAM 2.27 paragraph 3(2)(e)
and 3(2)(f).

3.1.1 Identify Information Owner(s)

Name | Position

3.1.2 Identify the Department’s Privacy Officer(s)

Name | Position

3.1.3 Identify Third Party Service Providers


For example: Is ICT hosting applications or databases, or are you using a contractor, or both?

Service Provider Name | Services Provided | Written Agreement (Y/N)

3.1.4 Identify Privacy Risks/Security Threats regarding Accountability

Risk | Description
1-1 | Describe Privacy Risk / Threat here


3.2 Identifying Purpose (PIA manual reference: 5.5.2 Identifying Purposes)


Objective: To ensure the purposes for which personal information is collected are identified by the public
body or custodian at or before the time the information is collected. For more detailed information, see
section 5.5.2 in the PIA Manual.

Relevant sections of legislation and policy: HIPMA Subsection 39(a): the purpose of the collection, use or
disclosure of the personal health Information; and subsection 30(2) of the ATIPP Act.

3.2.1 Describe how your project has notified the individual of the purpose for which the personal
information is being collected. Include a sample collection notice.
For example: intake forms, posters, verbally, etc.
Please include your proposed or existing wording for a collection notice and where it will be located for
individuals to read before collection takes place. You can also attach a screenshot or a copy of your form
where the collection notice would be located.

3.2.2 Identify Privacy Risks/Security Threats regarding Identifying Purpose

Risk | Description
2-1 | Describe Privacy Risk / Threat here

3.3 Consent (PIA manual reference: 5.5.3 Consent)


Objective: To ensure consent is collected in compliance with relevant privacy legislation. For more
information, see section 5.5.3 of the PIA Manual.

Relevant sections of legislation and policy: HIPMA Section 39: Knowledgeable consent; HIPMA Section
41: Notice and Knowledgeable Consent; ATIPP Subsection 35(1)(b): Use of Personal Information; ATIPP
Subsection 36(b): Disclosure of Personal Information.

Note: Consent is not an authority to collect personal information under ATIPP – it can only be used if
your program is governed by HIPMA.

3.3.1 Is consent being utilized as an authority to collect, use and/or disclose personal
information?
At minimum, address the following in your response:
• Whether consent is being collected for the collection, use or disclosure;
• Demonstrate how the consent meets applicable legal requirements;
• A sample of the consent statement that will be utilized;
• Whether the individual can withdraw their consent;
• Whether standards/procedures are in place to ensure the individual is authorized or has the capacity to give consent; and
• The manner by which consent will be obtained: implied consent, express consent…


3.3.2 Identify Privacy Risks/Security Threats regarding Consent

Risk | Description
3-1 | Describe Privacy Risk / Threat here

3.4 Collection of Personal Information (PIA manual reference: 5.5.4 Limiting collection)

Objective: To ensure the collection of personal information is in compliance with relevant privacy
legislation and is limited to that which is necessary for the purposes of the program or activity. For more
information, see section 5.5.4 of the PIA Manual.

Relevant sections of legislation and policy: HIPMA Section 53: Where collection is permitted; HIPMA
Section 54: Where Indirect Collection is permitted; HIPMA: Collection of Personal Health Information
Policy; ATIPP Section 29: Purpose for which Personal Information may be collected; ATIPP Section 30:
How Personal Information is to be Collected; ATIPP: Collection of Personal Information Policy.

3.4.1 Describe how personal information is collected directly from individuals.


At minimum, address the following in your response:
• Whether it was collected directly from
  o The individual?
  o An authorized representative (include sample of authorization)?
  o Parent or guardian?
• Whether it was collected via
  o Electronic form?
  o Paper form?
  o Faxed to the program?
  o Emailed to the program?
  o Mailed to the program?

3.4.2 Describe how personal information is collected indirectly from individuals.


Note: Review relevant policies and legislation to ensure compliance: HIPMA Section 54: Where Indirect
Collection is permitted; HIPMA: Collection of Personal Health Information Policy; ATIPP Section 30:
How Personal Information is to be Collected; ATIPP: Collection of Personal Information Policy.

3.4.3 Has the program conducted a review of the personal information collected to ensure only
the minimum necessary is being collected?
At minimum, address the following in your response:
• The individual who conducted the review as well as the date the review occurred.


3.4.4 Identify Privacy Risks/Security Threats regarding Collection

Risk | Description
4-1 | Describe Privacy Risk / Threat here

3.5 Use, Disclosure and Retention of Personal Information (PIA manual reference:
5.5.5 Limiting use, disclosure, and retention)
Objectives:
(1) To ensure personal information is used and disclosed for the purposes for which it was collected, except
with the consent of the individual or if authorized by law.
(2) To ensure personal information is retained only as long as necessary for the fulfillment of the stated
purposes and is destroyed as authorized by law. For more information, see section 5.5.5 of the PIA
Manual.

Relevant sections of legislation and policy: HIPMA Section 55: Use with Consent; HIPMA Section 56: Use
not Requiring Consent; HIPMA Section 57: Disclosure with Consent; HIPMA Section 58: Disclosure not
Requiring Consent; HIPMA Policies: Use and Disclosure of Personal Health Information; ATIPP Section
35: Use of Personal Information; ATIPP Sections 36 – 39: Disclosure of Personal Information; ATIPP
Policies: Use and Disclosure of Personal Information; Archives Act Records Management Regulations
Section 5.

3.5.1 Does your project use personal information to make decisions that directly affect(s) an
individual(s)?
For example: A determination about whether an individual is entitled to income assistance, a decision on
hiring an individual, or a determination about eligibility for subsidized housing.

At minimum, address the following in your response:
• Describe what measures will be taken to ensure personal information will be retained for at least one year.

3.5.2 What secondary uses or disclosures are contemplated for the personal information
collected?
At minimum, address the following in your response:
• What the information will be used or disclosed for;
• What organization will the information be used by or disclosed to;
• Whether consideration has been given to de-identifying the information;
• Whether data-linking will occur;
• Whether unique identifiers will be used or assigned;
• Whether a formal agreement has been entered into.
  o Does the agreement adhere to policy requirements? For example, as defined in the “Agreements” section in the Disclosure Personal Information Policy for ATIPP.


3.5.3 Describe how personal information is used for evaluation or planning purposes.

3.5.4 Does the project disclose personal information for research or statistical purposes? If yes,
please explain and attach the research agreement.
For example: you will be disclosing information to PhD students so they can conduct research.

3.5.5 Has a Records Retention and Disposition Schedule been completed?


Note: Refer to your Information/Records Officer if you do not have access to a Records Retention and
Disposition Schedule. Refer to Archives Act Records Management Regulations Section 5 for more
information.

3.5.6 Identify Privacy Risks/Security Threats regarding Use, Disclosure and Retention

Risk | Description
5-1 | Describe Privacy Risk / Threat here

3.6 Accuracy of Personal Information (PIA manual reference: 5.5.6 Accuracy)


Objective: To ensure personal information is accurate, complete and up-to-date for the required purpose.
For more information, see section 5.5.6 of the PIA Manual.

Relevant sections of legislation and policy: HIPMA Section 52: Accuracy of Information Collected;
HIPMA Section 28: Correction of Personal Information; ATIPP Section 31: Accuracy of Personal
Information; ATIPP Section 32: Right to Request Correction of Personal Information.

3.6.1 Describe the steps taken to ensure that the personal information is accurate, complete and
up-to-date.
For example: records indicate the date the information was last updated; the information system logs
corrections or modifications to information.

3.6.2 Describe how an individual’s information will be updated or corrected.


At minimum, address the following in your response:
• Whether there is a policy or procedure in place;
• Whether users have access to update their own information;
• Whether notes/records will be made on a government case file;
• Whether the information provided will be checked for accuracy; and
• Steps taken to notify the parties to whom the information was previously disclosed of the corrections.


3.6.3 Identify Privacy Risks/Security Threats regarding Accuracy

Risk | Description
6-1 | Describe Privacy Risk / Threat here

3.7 Safeguarding Personal Information (PIA manual reference: 5.5.7 Safeguards)


Objective: To ensure personal information is protected against unauthorized access, collection, use,
disclosure, retention and disposal. For more detailed information on safeguarding personal information,
see section 5.5.7 in the PIA Manual and Schedule 3: Detailed Technical and Security Questionnaire in the
PIA Manual.

Relevant sections of legislation and policy: HIPMA Section 19: Custodian’s Information Practices
Generally and HIPMA General Regulation Section 14: Custodian’s Information Practices; ATIPP Section
33: Protection of Personal Information.

3.7.1 Has a Security Threat Risk Assessment (STRA) been completed?


If a STRA has been completed, and it has addressed the questions below, reference the section or page of
the STRA where the analysis occurred.

3.7.2 Describe how users are authenticated before accessing the information.
Objective: To corroborate that a person is the one claimed.

At minimum, address the following in your response:
• What method is used:
  o Something the individual knows; a password or PIN, for example.
    ▪ Are passwords known only to the authorized user of the account?
    ▪ Where authentication is based on username and password, are effective password policies in place and do they adhere to YG’s corporate password policy?
  o Something the individual has; a swipe card or token, for example.
  o Something the individual is; a fingerprint, voice scan or retinal scan, for example.
• Are users assigned a unique name and/or number for identifying and tracking user identity?
• What is the current format used for unique identification?
• Can the unique user identifier be used to track user activity within the information system?
• Does the information system have automatic logoff capability whereby users must re-authenticate to access the information system?

3.7.3 Describe how access to the information is controlled.


Objective: Only individuals with a need to know have access to data; based upon job duties, restrict user
functions to view, read, write, delete, and/or execute roles.

At minimum, address the following in your response:

• Are access privileges limited to the least amount of personal information required to carry out job-related functions?
• What method(s) is/are used?
  o User-based access: An individual has access to data based on who he or she is.
  o Role-based access: An individual has access to data based on his or her role within the organisation.
  o Context-based access: An individual has access to data based on where and when he or she is accessing the data. Context-based access also incorporates user-based and/or role-based access to authenticate the user.
• Is there an access control policy?
  o Does the access control policy clearly state the information access privileges for each defined role in the information system?
  o Is a formal user registration process in place?
    ▪ Does the user registration process include: verification of access levels, maintenance of records of access privileges, audit processes, and actions to ensure access is not granted until formally approved?
    ▪ Is a current, accurate inventory of computer accounts maintained and is it reviewed on a regular basis to identify dormant, fictitious or unused accounts?
  o Is there a formal process to assign defined roles to users?
  o Is a monitoring process in place to oversee, manage and review user access rights and roles at regular intervals?
• Are users given a written statement of their access rights and required to sign that they understand the conditions of access?

3.7.4 Describe how you will audit or track who accessed information.
Objective: To have a record showing who has had access to the information system and what operations
were performed during a period of time.

At minimum, address the following in your response:
• Are audit trails in place to record user activities so as to inform any future investigations and access control monitoring?
  o If audit trails are in place, do they include:
    ▪ User IDs;
    ▪ Dates, times, and details of key events (for example, logging-on and off);
    ▪ Records of successful and rejected system access attempts;
    ▪ Files accessed and kinds of access (for example, which files were viewed and whether information was modified);
    ▪ Use of privileges; and
    ▪ Use of system utilities and applications.
• Are protections in place to protect audit trails of confidential information?
• Are protections in place to ensure audit trails cannot be modified, deactivated or deleted, including by system administrators?
• Are banners or alerts provided to employees when they access a system, informing them that their use of the system is being monitored and recorded in an audit trail?
• Are policies and procedures in place on monitoring system use and use of audit logs? Do the policies or procedures include:
  o When audit trails will be reviewed;


  o Who is responsible for reviewing the audit trail; and
  o Employees being informed of consequences if the audit trail reveals unauthorized use.

3.7.5 Describe where and how information is transmitted.


Objective: To safeguard against unauthorized access and modification during transmission (both physical
and electronic information).

At minimum, address the following in your response:
• How does your program transmit information?
  o How often does your program transmit information?
  o Is there a procedure in place to ensure that any removal of personal information from the premises has been properly authorized?
• Is data encrypted to prevent access by individuals without access rights?
  o Encryption is recommended for the following:
    ▪ Back-up media that must leave the facility
    ▪ Emails containing sensitive information
    ▪ Laptops or mobile devices containing sensitive information
    ▪ Internet sessions involving sensitive information
    ▪ Any remote access sessions involving sensitive information
  o What method of encryption will be used?

3.7.6 Describe where and how information is stored.


Objective: To safeguard against unauthorized access and modification at rest (both physical and electronic
information).

At minimum, address the following in your response:
• Where is information stored?
  o Is information stored in a SQL database on a server in the ICT data centre; on a third party’s server; filing cabinets?
• Is data encrypted to prevent access by individuals without access rights?
  o What method of encryption will be used?

3.7.7 Describe the physical security measures taken to protect the personal information.
Objective: To protect the actual computer hardware, software, data and information from physical damage
or loss due to natural, human, or environmental threats.

At minimum, address the following in your response:
• Do physical security measures include
  o Locked cabinets?
  o Locked office doors?
  o Pass cards?
  o Motion detectors and other intrusion alarm systems?
  o Procedures for visitors?
• Do physical security measures for workstations include
  o Publicly accessible service counters kept clear of personal information?


  o Situating workstations so visitors cannot read screens?
  o Enabling password-protected screen savers?
• Is there a nightly closing protocol requiring employees to:
  o Clear all personal information from desks and place files containing personal information in locked filing cabinets?
  o Lock all office doors and cabinets?
  o Log out of all computers?
  o Remove all documents containing personal information from fax machines and printers?
  o Set intrusion alarms (where installed)?
• Are users aware of how to securely dispose of information or equipment?
  o Is a policy or procedure in place regarding the secure disposal of equipment?
  o Is a policy or procedure in place regarding the secure disposal of personal information or sensitive business information? Does the policy or procedure include:
  o A requirement to identify which types of media will require secure disposal; and
  o The disposal of the information has been logged in order to establish an audit trail.
• Is the program’s information backed-up regularly?
  o Are there routine procedures, policy and strategy for taking back-up copies of data and restoring the services?
• Are procedures in place for the management of removable media? Do the procedures include:
  o Authorization is required for media removed from the organization and a record of such removals is retained for purposes of establishing an audit trail;
  o Registration of removable media. For example, recording to whom, what information, when and on what type of media was information extracted and stored; and
  o Ensure removable drives are only enabled if there is a business reason for doing so.

3.7.8 Describe the technical security measures taken to protect the personal information.
Objective: To secure the information system and the networks on which the data and information reside.

At minimum, address the following in your response:
• Does the organization use a variety of mechanisms (e.g. firewalls, routers, intrusion detection and prevention systems, audit logs, system performance tools, etc.) to continuously monitor the operations of their systems to detect anomalies in service delivery levels?
  o Are systems that are exposed to a public network “hardened”?
  o Does the LAN that is connected to a public network use perimeter defence safeguards?
  o If wireless devices are used, are the strongest security features of the wireless device enabled (encryption and authentication, for example)?
  o Is a wireless intrusion detection system employed?
• Are operating systems kept up-to-date with patches and fixes?
• Is there a regular schedule for updating definitions and running scans with anti-virus, anti-spyware and anti-rootkit software?
• Are expert websites and vendor software websites regularly checked for alerts about new vulnerabilities and patches?
• Are all system/audit logs that relate to the handling of personal information regularly monitored?
• Are procedures in place to ensure that security events (e.g. unauthorized access, unsuccessful system access attempts, etc.) are identified, recorded, reviewed and responded to promptly?
• Are backup processes in place to protect essential business information such as production servers, critical network components, configuration backup, etc.?
• Are there controls that prevent or detect unauthorized software?

• Is there a patch management process for new security vulnerabilities?

3.7.9 Describe the administrative security measures taken to protect the personal information.
Objective: To control human behaviour through clearly written policies and procedures.

At minimum, address the following in your response:
• Are employees aware of, or have they affirmed in writing that they have read and understood, corporate privacy policies for
  o HIPMA; or
  o ATIPP?
• Are agreements in place for information exchanged between your department and another party, and do these agreements fulfill the requirements of the governing privacy legislation?
• Do all contracts that involve personal information contain a privacy protection schedule?
  o Are contractors required to comply with the organization’s privacy and security policies or equivalent policies to ensure that contractors are bound by the same legislated privacy standards as the organization?
  o Are contractors and other third parties required to return personal information to the contracting organization upon completion of the contract?
  o If not required to return the information, are contractors and other third parties required to securely destroy, using an approved method, the information at the completion of the contract?
  o Are there regular inspections and/or audits (scheduled and unscheduled) of contractors and third parties to ensure compliance with security and privacy standards?
  o Are there contractual provisions in place to control outsourcing of any role involving personal information to sub-contractors?
  o Are contractors required to complete privacy training?
• Has training been implemented for all employees, data custodians and management to ensure they are aware of and understand permitted access, use and disclosure of personal information?
• Has training been implemented for all employees, data custodians and management to ensure they are aware of and understand requirements for password maintenance and proper password security?
• Are employees required to sign confidentiality agreements?
• Are potential employees who will have access to personal information adequately and appropriately screened?
• Is there a process to ensure immediate recovery of keys and pass cards, and the revocation of access privileges and appropriate notification of security personnel when a termination (voluntary or involuntary) occurs?
• Is there a contingency plan (including Data Backup Plan, Disaster Recovery Plan, and Emergency Mode Operation Plan)?
• Are standards in place on the use of various communications media (both physical and electronic media)?
• Is there a policy governing the use of mobile devices and removable media if being used to store personal information?


3.7.10 Identify Privacy Risks/Security Threats regarding Safeguards


Note: Include Risks identified in STRA

Risk | Description
7-1 | Describe Privacy Risk / Threat here

3.8 Openness (PIA manual reference: 5.5.8 Openness)


Objective: To make readily available a program’s and a public body’s or custodian’s policies and
practices relating to the management of personal information. For more information, see section 5.5.8 in
the PIA Manual.

Relevant sections of legislation and policy: HIPMA Section 21: Statement of information practices to be
made public; GAM 2.27 subsection 2(2)(g).

3.8.1 Describe how policies and procedures related to the management of personal information
are made available to the public.

3.8.2 Identify Privacy Risks/Security Threats regarding Openness

Risk Description
8-1 Describe Privacy Risk / Threat here

3.9 Individual Access to Personal Information (PIA manual reference: 5.5.9 Individual
access)
Objective: To ensure compliance with privacy legislation by giving individuals timely access to personal
information held by public bodies or custodians.

Relevant sections of legislation and policy: HIPMA Section 24: Right to Access, Section 25: Application
for Access, Section 26: Custodian’s Response to access request; ATIPP sections 1(1)(b), 5 and 6.

3.9.1 Describe how access to the personal information will be facilitated.

3.9.2 Has a Personal Information Map been completed for this project?
Note: Complete Tab 3: PI Map (Inventory) from the Excel file you completed when answering question
1.1.6.

3.9.3 Identify Privacy Risks/Security Threats regarding Access/Correction


Risk Description
9-1 Describe Privacy Risk / Threat here

3.10 Challenging Compliance (PIA manual reference: 5.5.10 Challenging compliance)


Objective: To ensure a process is in place for individuals to challenge a public body’s or custodian’s
compliance with privacy legislation.

Relevant sections of legislation and policy: HIPMA Paragraph 19(3)(g): establish a procedure for
receiving and responding to complaints regarding its information practices; GAM 2.27: Privacy
Complaints Policy

3.10.1 Are policies and procedures related to the management of personal information available to
the public?

3.10.2 Are staff aware of, and are procedures in place for, responding to a privacy complaint?

3.10.3 Identify Privacy Risks/Security Threats regarding Challenging Compliance

Risk Description
1 Describe Privacy Risk / Threat here

4 OVERALL RISK AND MITIGATION

4.1 Risk Mitigation Table (PIA manual reference: 6.0 Assessing risk and mitigation
strategies)
Please complete the table below. Input all of the risks identified in sections 3.1 to 3.10, identifying any privacy
risks associated with the collection, use or disclosure of the personal information involved in this project and
stating the mitigation strategies that will be implemented.
For more information, see section 3 in the PIA Manual.


# | Privacy Risk / Threat | Likelihood | Impact | Risk Level | Mitigation Strategy | Accountability | Risk Level After Mitigation
1 | Records of PHI are stored in a shoebox under the desk, creating a risk that PHI can be accessed by unauthorized individuals. | L | M | L | Move the records of PHI to a filing cabinet that is securely locked when not in use. | Records Management Unit | VL


5 COMMENTS FROM REVIEWER:

6 SIGNATORIES AND APPROVAL

DM or Delegate __________________________________________ __________________


Name, Position Date

Information Owner ___________________________________________ ___________________


Name, Position Date

ATIPP Office
Reviewer ___________________________________________ ___________________
Name, Position Date

To complete the process, a final copy of this PIA (with all applicable signatures and attachments)
must be provided to the ATIPP office for its records.
